A vulnerability described as critical has been identified in Capgo up to 12.128.1 . This affects an unknown function of the file /build/upload . Executing a manipulation can lead to missing authentication. This vulnerability is tracked as CVE-2026-56299 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.